Security, anti Brute Force firewall. It adds a few seconds delay for any failed attempt to login to WordPress back-end. Security & Firewall by CleanTalk makes access to your website more secure.

Security report and security log include login attempts for non-existent accounts. Bots do not know the user logins of your website and they try to use brute force method to find real user logins. CleanTalk security firewall will stop this threat.

CleanTalk security firewall is created with maximum regard for the needs of users do not have extensive knowledge of security. Easy-to-use firewall allows you to ensure security and protect your site from brute force.

Security report by email

Every day the plugin sends Security report to your email.
The report provides data on the number of incorrect password entries and the IP addresses from which the tried to sign in.

Security Audit Log: control the actions in the admin area to improve the security of your site

Security Audit Log keeps track of actions in the WP Dashboard to let you know what is happening on your blog.

With the Security Audit Log is very easy to see user activity in order to understand what changes have done and who made them.

Security Audit Log shows who logged in and when and how much time they spent on each page.

Brute force security

Brute force attack is an exhaustive password search to get full access to an Administrator account. Passwords are not the hard part for hackers taking into account the quantity of sent password variants per second and the big amount of IP-addresses.

Brute force attack is one of the most security issues as an intruder gets full access to your website and can change your code. Consequences of these break-ins might be grievous, your website could be added to the [botnet] and it could participate in attacks to other websites, it could be used to keep hidden links or automatic redirection to a suspicious website. Consequences for your website reputation might be very grievous.

Anti Brute force security

The plugin is effective — it doesn’t load the server, doesn’t enquire the database and doesn’t create any tables. It doesn’t put anything in “.htaccess” as it could have a negative effect on your website accessibility or block the access to Administrator profile.
Security & Firewall by CleanTalk takes optimal delay time between login attempts when a user corrects his credentials and tries to log in again. These seconds are more than enough for a user. If a user didn’t make it in time — he can always retry and the delayed time will be nullified.

Security & Firewall by CleanTalk reduces the effectiveness of brute-force attacks. A bot spends milliseconds to submit passwords, but the firewall allows to do it once in several seconds. If a bot needed a few months to find correct password, the protection prolongs the time to several years.

How to improve security on your own WordPress website. This a short list for WP security

Security in WordPress is taken very seriously, but as with any other system there are potential security issues that may arise if some basic security precautions aren’t taken.

Don’t publish posts and comments from the administrator account.

Create other accounts for each administrator with another role such as Author or Editor. It all depends on your needs. Assign people to the appropriate roles and you’ll greatly reduce your security risk.

If someone requires administrator access momentarily for a configuration change, grant it, but then remove it upon completion of the task.

Backups are invaluable. If you have a recent backup of your site then you will be able to restore it back to normal no matter what bad thing might happen.

Security Log

Security FireWall by CleanTalk helps of WordPress administrators, owners and security professionals ensure the security of their websites and blogs before they become a security problem.

WordPress is the most popular CMS and therefore it’s a frequent target for brute force attacks and every website should have additional website security measures in place as a standard.
Due to the nature of these attacks, you may find your server’s memory goes through the roof, causing performance problems. This is because the number of HTTP requests (that is the number of times someone visits your site) is so high that servers run out of memory.

The dictionary attack is a password attack that attempts to determine a password by trying words from a predefined list, or dictionary, of likely passwords. A “dictionary attack” is similar and tries words in a dictionary — or a list of common passwords — instead of all possible passwords. This can be very effective, as many people use such weak and common passwords.

Sometimes, rather than trying many passwords against one user, another brute force attack method is to try one password against many usernames. This technique is worth noting as it is where most account lockout policies fail. This brute force attack is less common, however, because it’s often difficult for the attacker to compile a sufficiently large volume of usernames for the reverse attack.

Brute-force attacks become faster and more effective with each passing day as newer, faster computer hardware is released.

There are a number of techniques for preventing brute force attacks .
A better, albeit more complicated technique is progressive delays. With progressive delays, user accounts are locked out for a set period of time after a few failed login attempts. The lock-out time increases with each subsequent failed attempt. This prevents automated tools from performing a brute force attack and effectively makes it impractical to perform such an attack. CleanTalk security firewall uses this method to block brute force attacks.